> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# 42 CFR Part 2 Electronic Consent & Redisclosure — Compliance Evidence

> Evidence for electronic consent capture and redisclosure controls under 42 CFR Part 2.

**Feature ID:** CL-11-EN-01\
**Regulation:** 42 CFR Part 2 (Confidentiality of SUD Patient Records)\
**Status:** ✅ Implemented\
**Date:** 2026-04-10\
**Spec:** [CL-11-EN-01](https://github.com/Encore-OS/encoreos/blob/development/specs/cl/specs/CL-11-EN-01-electronic-consent-42cfr-redisclosure.md)

***

## 1. Regulatory Requirements Addressed

### § 2.31 — Consent Requirements

| Requirement                            | Implementation                                                                  | Evidence                                              |
| -------------------------------------- | ------------------------------------------------------------------------------- | ----------------------------------------------------- |
| Written consent with specific elements | `ConsentCaptureSheet` wizard with Zod validation (`consent-capture-schema.ts`)  | Schema enforces all required fields before submission |
| Granular consent categories            | `consent_categories` JSONB: treatment, payment, operations, providers, research | `ConsentCategories` type in `electronic-consent.ts`   |
| Patient identification                 | `patient_id` UUID required on all consent records                               | DB NOT NULL constraint                                |
| Purpose specification                  | Category-level granularity (treatment/payment/operations/providers/research)    | Checkbox UI with at-least-one validation              |
| Expiration date                        | `expiration_date DATE` column with 30/14/7-day alert thresholds                 | `consent-expiration.ts` utility                       |
| Right to revoke                        | `RevokeConsentDialog` with irreversibility warning; status → 'revoked'          | Permission-gated (`cl.electronic-consent.revoke`)     |

### § 2.32 — Prohibition on Redisclosure

| Requirement                                      | Implementation                                                  | Evidence                                                |
| ------------------------------------------------ | --------------------------------------------------------------- | ------------------------------------------------------- |
| Notice must accompany disclosures                | `generateRedisclosureNotice()` in `redisclosure-notice.ts`      | Full federal prohibition language generated             |
| Notice includes federal confidentiality citation | Notice text references "42 CFR Part 2" and prohibition language | Unit tests verify presence of key phrases               |
| Notice includes recipient, date, purpose         | Parameterized notice generation with all fields                 | `RecordDisclosureSheet` shows preview before submission |

### § 2.13(d) — Accounting of Disclosures

| Requirement    | Implementation                               | Evidence                                   |
| -------------- | -------------------------------------------- | ------------------------------------------ |
| Who disclosed  | `disclosed_by UUID` in `cl_redisclosure_log` | NOT NULL FK to `pf_profiles`               |
| When disclosed | `disclosed_at TIMESTAMPTZ`                   | NOT NULL, set at creation                  |
| To whom        | `recipient TEXT`                             | NOT NULL                                   |
| Purpose        | `purpose TEXT`                               | NOT NULL                                   |
| What records   | `records_disclosed JSONB`                    | Structured record type/date range metadata |

***

## 2. Data Model Evidence

### Tables Created

| Table                    | Purpose                                                | Immutability                                 |
| ------------------------ | ------------------------------------------------------ | -------------------------------------------- |
| `cl_electronic_consents` | Signed consent records with e-signature and categories | Standard CRUD (revocation via status change) |
| `cl_redisclosure_log`    | Append-only disclosure audit trail                     | UPDATE/DELETE revoked + immutability trigger |

### RLS Enforcement

* Both tables use `cl_has_org_access()` SECURITY DEFINER helper
* `cl_redisclosure_log`: SELECT + INSERT only policies; no UPDATE/DELETE policies
* Privilege revocation: `REVOKE UPDATE, DELETE ON cl_redisclosure_log FROM authenticated`
* Defense-in-depth: `trg_cl_redisclosure_log_immutable` trigger raises exception on UPDATE/DELETE

***

## 3. Permission Controls

| Permission Key                 | Purpose                     | Roles                      |
| ------------------------------ | --------------------------- | -------------------------- |
| `cl.electronic-consent.view`   | View consent records        | org\_admin, manager, staff |
| `cl.electronic-consent.create` | Create new consents         | org\_admin, manager, staff |
| `cl.electronic-consent.revoke` | Revoke active consents      | org\_admin only            |
| `cl.redisclosure-log.view`     | View disclosure audit trail | org\_admin, manager, staff |
| `cl.redisclosure-log.create`   | Record new disclosures      | org\_admin, manager, staff |
| `cl.compliance_report.view`    | View compliance dashboard   | org\_admin                 |

***

## 4. UI Controls

| Component                      | Permission Gate                | Description                                     |
| ------------------------------ | ------------------------------ | ----------------------------------------------- |
| `ElectronicConsentPage`        | `cl.electronic-consent.view`   | Two-tab layout (Consents + Redisclosure Audit)  |
| `ConsentCaptureSheet`          | `cl.electronic-consent.create` | Wizard with e-signature and attestation         |
| `RevokeConsentDialog`          | `cl.electronic-consent.revoke` | Destructive action with irreversibility warning |
| `RecordDisclosureSheet`        | `cl.redisclosure-log.create`   | Disclosure recording with § 2.32 notice preview |
| `Part2ComplianceDashboardPage` | `cl.compliance_report.view`    | Aggregate-only statistics (no patient IDs)      |

***

## 5. Test Evidence

| Test Suite                              | Tests  | Coverage                                                     |
| --------------------------------------- | ------ | ------------------------------------------------------------ |
| `consent-expiration.test.ts`            | 12     | 30/14/7-day thresholds, status logic                         |
| `redisclosure-notice.test.ts`           | 8      | § 2.32 prohibition language validation                       |
| `electronic-consent-workflow.test.ts`   | 16     | Full lifecycle: draft → active → revoke; disclosure blocking |
| `electronic-consent-compliance.test.ts` | 20     | § 2.31 elements, § 2.32 notices, § 2.13(d) accounting        |
| **Total**                               | **56** | All passing                                                  |

***

## 6. Route Registration

* Path: `/cl/electronic-consents`
* Lazy loaded via `React.lazy`
* Permission guard: `RequirePermission('cl.electronic-consent.view')`

***

## 7. References

* [42 CFR Part 2 Final Rule](https://www.hhs.gov/hipaa/part-2/index.html)
* [CL-11-EN-01 Spec](https://github.com/Encore-OS/encoreos/blob/development/specs/cl/specs/CL-11-EN-01-electronic-consent-42cfr-redisclosure.md)
* [CL-11-EN-01 Integration](/architecture/integrations/electronic-consent-42cfr-redisclosure-integration)
